VDB

GSD-2008-2042

GSD-2008-2042 PUBLISHED

The Javascript API in Adobe Acrobat Professional 7.0.9 and possibly 8.1.1 exposes a dangerous method, which allows remote attackers to execute arbitrary commands or trigger a buffer overflow via a crafted PDF file that invokes app.checkForUpdate with a malicious callback function.

Affected Products

VendorProductVersions
n/an/an/a

Timeline

  • Nov 7, 2007 CVE Published
  • Sep 9, 2013 PoC Published
  • Sep 23, 2014 PoC Published
  • Jul 2, 2021 PoC Published
  • Jan 24, 2023 PoC Published
  • Jul 30, 2025 PoC Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›